Harper renews NCUA's call for vendor oversight powers

Todd Harper, the junior member of the National Credit Union Administration board, emphasized Wednesday the need for cybersecurity protections across the industry and reiterated the agency’s long-standing request to Congress for third-party vendor oversight.

Credit Union National Association

“Closing this regulatory blind spot would better protect the credit union system from cyber threats and place the agency on a more level playing field with the other financial institutions’ regulators,” Harper said, according to a copy of his prepared remarks. “It would also provide a measure of regulatory relief.”

Much of the industry has pushed back against NCUA’s vendor-oversight claims, citing a lack of internal expertise and existing powers already in place, but the regulator continues to make the ask. Last fall, discussion draft legislation emerged that would have granted NCUA and the Federal Housing Finance Agency those privileges, but that legislation appears to be stalled for the time being.

Diversity and inclusion remains a pressing topic within the industry, and Harper used his remarks as another opportunity to tout the regulator’s efforts in that area.

“Because diversity and inclusion is a good investment, I have championed the voluntary diversity self-assessment available at cudiversity.ncua.gov,” he said. “The survey is voluntary and private. Individual responses will not be made public. I encourage you to complete the survey.”

Less than 10% of the industry has responded to NCUA’s survey in recent years, and last fall, during the agency’s inaugural diversity summit, some credit union leaders pushed back on the self-assessment.

Harper also used his conference remarks to resurrect his 2019 push to increase the regulator’s consumer-protection efforts, particularly for those credit unions that have assets over $1 billion in assets but have not yet hit the $10 billion threshold for CFPB supervision. He said the agency should establish a supervisory program to ensure compliance with consumer financial protections. Harper’s proposal had some support within the agency but fell short in the end over concerns about its budgetary impact.

“Think about it this way,” he said Wednesday. “Consumer compliance exams are like performing regular maintenance on your car. Would you go 10 years without getting a tuneup and checking your oil? None of us would. My proposal is about ensuring that a credit union runs smoothly, and if it does not, providing the maintenance needed to optimize credit union performance.”

Harper did not specify whether he had plans to bring the issue before the board again.

Lastly, Harper outlined some of the issues he is most concerned about, including concentration risk and liquidity worries, rising consumer debt levels and the possibility for increased delinquencies in the run-up to a recession, and the role poor (or no) succession planning is having on credit union consolidation.

“Overall, about one in five credit unions lack CEO succession plans,” he said. “Some data I have seen indicate that a large proportion of credit union CEOs and executives are baby boomers who will be part of a retirement wave. With these retirements, flat budgets and tight labor markets, there is a real need for credit unions of all sizes to focus on succession planning, especially if we want to curtail credit union mergers.”

Harper’s colleagues on the board, Mark McWatters and Chairman Rodney Hood, addressed the GAC audience on Monday and Tuesday, respectively.